II. REMARKS

This amendment is submitted in response to the Office Action mailed on April 15, 2008.
After carefully reviewing the Examiner's remarks, applicant has amended the claims to eliminate
the phrases "who may be" and "who may also" to which the Examiner has objected under 35
U.S.C. § 112. Reconsideration and allowance of this application, as amended, is respectfully
requested in view of these amendments and the remarks that follow. 

The three independent claims 1, 17, and 22 are of similar scope - claim 1 is a method
claim, while claims 17 and 22 are apparatus claims. Claim 22 differs from claim 17 in that it 
contains "means for" terminology. These three independent claims will be discussed together in 
the discussion which follows. Representative claim 1 will be the focus of the discussion below, 
which is also applicable to independent claims 17 and 22. 

A. The Claims Are Fully Supported By the Specification 

The Examiner has rejected all the claims under 35 U.S.C. §112 for "failing to comply 
with the enablement requirement" in that "[t]he claim(s) contains subject matter which is not 
described in the specification ..." Reconsideration of these grounds for rejection is respectfully 
requested. All three of the passages pointed out by the Examiner are fully supported by the 
specification. 

1. The First Passage Is Fully Supported By the Specification 

The first passage reads as follows: 

"... where the term enterprise is defined to be a collection of computers,
software, and networking that interconnects the computing environment of an
organization of people. ..." (claim 1, lines 2-3)

This passage finds full support in the following passage, taken from page 8 of the 
specification: 

Definition of Terms

[0030] Enterprise. An enterprise is a collection of computers, software,
and networking that interconnects the computing environment of an organization 
of people. ... 

A comparison of the above claim language and this passage taken from the specification 
reveals that they are essentially identical. Applicant has simply copied the specification's formal 
definition of the term "Enterprise" into each of the independent claims to clarify the meaning of 
this term. No "new matter" was introduced by the claim amendment. 

The Examiner should note that this definition, now part of the claim, expresses no 
geographic limitation on the size of an enterprise. An enterprise may be confined to one floor of 
a building, or to three buildings in a city or country, or it may extend world-wide. The key idea 
in this definition of the term "enterprise" is that the "enterprise" is the computers, software, and 
networks that connect a single "organization of people" together - for example, all the 
employees of a "for profit" company, or all the staff of a government agency, or all the students 
and faculty of a university. Any of these entities may do business in many different locations. 
The present invention, for example, might be used to conduct a security audit of computers and 
networks at the University of Michigan (which has campuses in several different cities) and then 
to compare the result of that security audit with the combined results of security audits of 20 
other universities conducted previously. 

2. The Second Passage Is Fully Supported by the Specification 

The second passage reads as follows: 

where a peer group is defined to be a group of one or more enterprises 
assigned to the same business category as the first enterprise, enterprises involved 
in the same (or a similar) industry or business as the first enterprise, enterprises 
having computers configured similarly to the first enterprise's computers, or 
enterprises required to comply with the same security standards as the first 
enterprise, or a combination of these. (Claim 1, lines 14-18.) 

This passage finds full support in the following passage, taken from page 11 of the
specification: 

Definition of Terms

[0046] Peer Group. The relevant peer group of an enterprise that is
being audited can be defined in several different ways: For example, it can be 
enterprises assigned to the same business category as the enterprise; enterprises 
involved in the same (or a similar) industry or business as the enterprise (health, 
education, military, etc.); enterprises having computers configured similarly to the 
enterprise's computers (considering both systems and business configuration); or 
enterprises required to comply with the same security standards as the enterprise; 
or a combination of these. 

A comparison of the above claim language and this passage taken from the specification 
reveals that they are also essentially identical, with the claim leaving out some portions of this 
passage. Applicant has once again simply copied the specification's formal definition of the 
term "Peer Group" into each of the independent claims to clarify the meaning of this term. No 
"new matter" was added to the claim. 

To continue the above example, it would make no sense to compare the results of a 
security audit of the University of Michigan's computers and networks with the results of a 
security audit of a commercial business, or of the army, or of a nuclear power plant. To be 
meaningful, the security of the University of Michigan's computers and networks must be 
compared to the security of computers and networks at other comparable large universities. The 
word "peer" is defined in Merriam Webster's Collegiate Dictionary (10th Edition, 1999) to mean
"one that is of equal standing with another: EQUAL; esp : one belonging to the same societal 
group esp. based on age, grade, or status." This word is used in the specification and claims to 
mean that a comparison of one enterprise's security audit to security audits of several other 
enterprises is only useful when the enterprises form a "peer" group in that they are all in the 
same business, or they all have similarly-configured computers, or they are all required to 
comply with the same security standards. In this sense, the University of Michigan is a "peer" 
of Ohio State, University of Illinois, etc., and it makes sense to study their comparative security 
in the manner taught by the present application and called for by the claims. 

3. The Third Passage Is Supported By the Specification 

The third passage objected to by the Examiner is the underlined passage within the
following excerpt taken from claim 1 : 

collecting security information from the computers of the first enterprise 
under audit; 

analyzing the security information and providing a first result of this 
analysis; and 

comparing this first result with a second result comprising information 
derived from information previously obtained through application of the 
collecting and analyzing steps to one or more other enterprises that interconnect 
the computing environments of other different organizations of people, these one 
or more other enterprises together forming a relevant peer group of other different 
organizations of people, the result of this comparing step indicating the relative 
security of the first enterprise under audit relative to that of the peer group of one 
or more other enterprises; (Claim 1, lines 5-13 - The passage objected to by the
Examiner has been underlined.) 

This claim passage finds full support in Figure 1 of the present application, and in the 
accompanying text. With reference to Figure 1 and to paragraph [0053], the following steps are 



Step 102: "Collecting information concerning enterprise security from 
field nodes [meaning computers in the field]." 

Step 110: "Evaluate [or analyze] security configuration information." 

Step 112: "Compare results of evaluation [or analysis] to industry 
standards information" which is obtained from an "industry standards (peer 
group) database 114."

"... Following step 110, the results of this evaluation, and in particular
any information defining security issues identified by the analyzers, are compared
in step 112 to the results of prior analyses of security information gathered
previously from a relevant peer group of other similar enterprises, companies, or
agencies involved in the same or in a similar industry as the enterprise being
audited, or otherwise having security needs that are similar to those of the
enterprise being audited. ..." (Lines 11-16 of paragraph [0053] on page 14.)

Figure 1 and the passage quoted above taken from paragraph [0053] fully support and 
also fully explain the third passage in claim 1 to which the Examiner has objected. 

In view of the presence of full support in the specification for all the language of claim 1,
and in view of the clarity of this language which accurately and fully describes the claimed
invention, and since the remaining two independent claims 17 and 22 also contain this same
clear and fully-supported language, applicant respectfully requests reconsideration of this
ground for objection and allowance of the claims as amended.

B. The Cited References Do Not Render the Present Invention Obvious 

The Examiner has rejected all of the claims under 35 U.S.C. § 103(a) as obvious and thus 
unpatentable over patent application No. 2003/0065942 published on April 3, 2003 and filed by 
David J. Lineman, et al. on September 28, 2001 in view of patent application No. 2004/0068431 
published April 8, 2004 and filed by Michael W. Smith, et al. on October 3, 2003 (claiming the 
priority of a provisional application filed on October 7, 2002). Reconsideration of these grounds 
for rejection is respectfully requested in view of the remarks which follow. 

1. Only One "Enterprise" is Disclosed in Lineman 

The Lineman, et al. patent application discloses only a single enterprise. It teaches 
conducting a security audit of that single enterprise by comparing the state of the computers in 
that enterprise to standards established by a security administrator, not to the state of computers 
in other similar (or "peer group") enterprises. 

The Examiner mistakenly has concluded that the "three different platform groups 20, 22, 
and 24, where each one of the platforms has their own group of personal computers 50 form the 
three individual enterprise environments." But the Lineman, et al. patent application teaches just 
the opposite of what the Examiner says here. The Lineman, et al. patent application teaches that 
all three of the platform groups 20, 22, and 24 are parts of a single corporate enterprise. 

The Examiner is referred to Figure 1 of the Lineman, et al. application and to the first 
sentence of paragraph [0026] on page 2, where it says: "Referring to FIG. 1, a typical, 
'enterprise-sized' network 10 is illustrated ..." And in the first sentence of paragraph [0029] on
that same page it says: "Using the desktop computers 50, the users 54 may access the corporate
network 10." Clearly, then, the Lineman, et al. patent application teaches that all of the
computers 50 shown in Figure 1 and forming the network 10 are parts of a "corporate network 
10" that is an "enterprise-sized" network. There is no teaching that the platform groups 20, 22, 
and 24 are "enterprises" as that term is defined in the present application. 

2. Enterprises Are Business Organizations, Not Arbitrary Groups of Networked Computers

The Examiner is still insisting that an "enterprise" can be any networked-together group 
of computers. There may be some narrow computer environments where some technical geeks 
misuse the word "enterprise" in this fashion, but this is not the correct usage of this term. The 
Examiner is referred to definition three set forth in Merriam Webster's Collegiate Dictionary 
(Tenth Edition 1999) where the word "enterprise" is defined to be "a unit of economic 
organization or activity; esp. a business organization." In the present application, consistent with 
this dictionary definition, the word "enterprise" is formally defined (under the heading 
"Definition of Terms") to be "a collection of computers, software, and networking that
interconnects the computing environment of an organization of people." Thus, the computers
and networks of the Hewlett-Packard Company form an enterprise, as do the computers and
networks of the University of Michigan or of the Illinois State Police.

3. An Inventor May Define the Meaning of Terms such as "Enterprise" and "Peer Group" In the Patent Specification

Even if the Examiner's understanding of the meaning of the word "enterprise" was 
correct, nonetheless the Examiner is bound by law to accept and use Applicant's definition of
this term when interpreting the claims. The Examiner is referred to Teleflex, Inc. v. Ficosa North
America Corp., 299 F.3d 1313, 1325 (Fed. Cir. 2002) where it says that a patent applicant may 
define the specific terms he or she uses to describe an invention: 

Among the intrinsic evidence, "the specification is always highly relevant 
to the claim construction analysis. Usually, it is dispositive; it is the single best 
guide to the meaning of a disputed term." Vitronics, 90 F.3d at 1582, 39 USPQ2d 
at 1576. "One purpose for examining the specification is to determine if the 
patentee has limited the scope of the claims." Watts v. XL Sys., Inc., 232 F.3d 877, 
882, 56 USPQ2d 1836, 1839 (Fed. Cir. 2000). For example, an inventor may 
choose to be his own lexicographer if he defines the specific terms used to
describe the invention "with reasonable clarity, deliberateness, and precision." In
re Paulsen, 30 F.3d 1475, 1480, 31 USPQ2d 1671, 1674 (Fed. Cir. 1994). Such a
definition may appear in the written description, Intellicall, Inc. v. Phonometrics,
Inc., 952 F.2d 1384, 1388, 21 USPQ2d 1383, 1386 (Fed. Cir. 1992), ...

The application before the Examiner contains a formal section entitled "Definition of
Terms" (pages 8-11) in which clear, deliberate, and precise definitions of such terms as
"enterprise" and "peer group" are set forth. The applicant has chosen to be his own 
lexicographer, writing his own small dictionary for use by the Examiner and others when gaining 
an understanding of his invention and his claims. The above CAFC decision instructs the 
Examiner to be guided by this small dictionary when interpreting the meaning and scope of the 
claim language. 

Applicant's definition of the word "enterprise" (quoted above) uses this term to describe 
the computers and networks of a business or a university or an agency or other business 
organization, not simply any arbitrary collection of computers networked together. Using 
applicant's definition of "enterprise," the Examiner will agree that the Lineman et al. patent 
application discloses only one enterprise, not three. 

4. The Results of Lineman's Security Audits Are Compared Only to Standards, Not to the Results of Audits of Peer Group Enterprises

The Lineman et al. patent application teaches that "professionals skilled in the art of 
protecting information" create "a security policy" and also "select a more detailed set of
standards." These "are used to protect company information based on the perceived risk to the
asset." (Lineman, et al., page 1, paragraph [0005]). When security audits are conducted, the
results of those audits are simply judged against these detailed standards. There is no teaching at 
all in the Lineman et al. patent application that the results of a security audit of the enterprise 10 
shown in Figure 1 should be compared to the results of security audits performed upon "peer 
group" enterprises - that is, other companies in the same business, or other companies having 
similarly configured enterprise networks and computers. Hence, the "comparing" step set forth 
in claim 1 is entirely missing from the Lineman et al. patent application. 

5. The Smith Patent Application Does Not Teach the Claim Elements that are Missing from the Lineman Patent Application

The Examiner cites the Smith, et al. patent application because he maintains it teaches 
"comparing the audit report with other companies." The Examiner refers to paragraph [0010] of 
the Smith, et al. patent application. But the only relevant statement that appears in that 
paragraph is the following statement (lines 15-23 of paragraph [0010]): 

. . . Standard measures provide a common language and a set of definitions for 
discussing operational performance, comparing performance between companies 
and between entities within the same company. However, operational 
performance standards do not exist. What investors and business executives need 
is standards of operational performance for the guidance and education of 
business management in order to fill the measurement gap. 

First of all, the Smith, et al. patent application is not directed to security audits, the focus 
of the present invention. The Smith, et al. patent application is instead directed to audits of 
"operational performance," an entirely different subject. A brief glance at Figure 4, for example, 
indicates that the focus is upon "Market Responsiveness 110", "Sales Effectiveness 120",
"Customer Responsiveness 210", and the like - factors quite different from password security and
file management security which are discussed at length in the present application. The Smith, et 
al. patent application is thus irrelevant to the present invention, and thus its teachings cannot be 
meaningfully combined with those of the Lineman, et al. patent application to achieve 
anticipation under Section 103. 

And secondly, even were it relevant to the present invention, the paragraph quoted above 
still only teaches comparing performance to fixed standards, and not to the performance of peer 
group industries. 

The Examiner should note once more that in the claims, the computers of the first 
enterprise under audit are not compared against any fixed auditing standard - all such language 
has been deleted from the independent claims. The computers of the first enterprise are 
compared instead to the computers of other enterprises classified into the same "peer group" 
with the first enterprise. For example, the computers of one hospital are audited for security 
compliance, and the results of this audit are compared to the results of auditing for security
compliance the computers of one or several other hospitals that form a peer group with the first 
hospital. The Smith, et al. patent application, which compares performance against standards, 
simply does not teach this either alone or in combination with the Lineman, et al. patent 
application. 

The specification states in paragraphs [0054] and [0055] some of the advantages of 
proceeding with a security audit in this way: 

[0054] The reports generated following such a comparison focus upon the 
relative adequacy of the security measures in place within the enterprise being audited in 
comparison to the security norms in comparable enterprises, as is illustrated in Fig. 6,
instead of focusing only upon the general security status of the enterprise. Accordingly, 
support engineers, and in particular engineers who may be skilled in enterprise security 
but not necessarily skilled in the security problems of the particular type of enterprise 
being audited (military, medical, academic, general business, etc.) do not have to wade 
through large amounts of security configuration information to identify and isolate 
problems - the security problems are highlighted by the comparative reports. Also, 
support engineers not necessarily skilled in the security aspects of enterprises in general 
do not have to concern themselves with failing to address some important security issue, 
since all relevant and material security issues are automatically addressed. 

[0055] ... [A] report is generated that illustrates in detail the results of the 
comparison between the security configuration of the enterprise under audit and the ... 
industry averaged information for comparable industries (see, for example, the report 600 
presented in Fig. 6). ... 

The prior art Lineman, et al. and Smith, et al. patent applications do not work in this 
fashion. They compare the results of security auditing to standards, not to the results of auditing 
peer group enterprises. Accordingly, they do not teach the present invention as claimed. 

Conclusion 

The claims now before the Examiner are believed to be patentable over the art of record. 
Accordingly, their allowance is respectfully requested. 

The Commissioner is hereby authorized to charge any additional fees which may be 
required regarding this application under 37 C.F.R. §§ 1.16-1.17, or credit any overpayment, to 
Deposit Account No. 08-2025. Should no proper payment be enclosed herewith, as by a check
being in the wrong amount, unsigned, post-dated, otherwise improper or informal or even
entirely missing, the Commissioner is authorized to charge the unpaid amount to Deposit
Account No. 08-2025. If any extensions of time are needed for timely acceptance of papers
submitted herewith, Applicants hereby petition for such extension under 37 C.F.R. § 1.136 and
authorize payment of any such extension fees to Deposit Account No. 08-2025.



Respectfully submitted,

Date: July 15, 2008

By /James A. Sprowl/
James A. Sprowl
Attorney for Applicants
Registration No. 25,061
Telephone 847-446-7399

FOLEY & LARDNER LLP
3000 K Street, NW
Washington, DC 20007
Telephone: 202-672-5399
(Attorney William T. Ellis)
Facsimile: 202-672-5399



